MANDIANT Launches Industry's First Enterprise-Grade Incident Response Solution
at DEMO 08
MANDIANT Intelligent Response Manages Computer Security Incidents
PALM DESERT, Calif. and ALEXANDRIA, Va., Jan. 28 /PRNewswire/ -- MANDIANT,
an elite provider of incident response services and solutions, today released
MANDIANT Intelligent Response (MIR) 1.0, the industry's first enterprise-grade
incident response management solution that accelerates the collection of
electronic evidence in support of incident response, electronic evidence
discovery (EED) and corporate investigations.
"Security breaches and EED requests consume tremendous resources,
particularly across an organization with thousands of geographically dispersed
users and assets," said Kevin Mandia, President and CEO of MANDIANT. "Over the
years, our professional services team has helped hundreds of Fortune 500
companies and government agencies respond to security incidents. With the
launch of MIR 1.0, we are now leveraging our extensive experience into a fully
automated rapid evidence discovery platform that will initially enable
security professionals to more effectively manage the incident response
lifecycle."
MIR 1.0 enables precise data collection and advanced data analysis in a
scalable, multi-tier, appliance-based solution.
"MANDIANT Intelligent Response can change the negative perception
associated with rapid evidence discovery by providing a unique collaborative
environment that enables remote identification, collection, analysis and
reporting of electronic evidence," said Charles Kolodgy, research analyst at
IDC. "By fostering precision collection, organizations can avoid gathering
incorrect or incomplete data and wasting critical moments when responding to
time-sensitive matters."
Additional MIR 1.0 features and benefits include:
Precision-strike data identification and collection
MIR 1.0's modular framework allows rapid deployment before or during an
incident. Geographically dispersed analysts can initiate widespread data
searches across normal, deleted and hidden files to identify host and network-
level indicators of compromise.
Advanced data analytics
A centralized data store and workspace allows investigators to search
collected data for keywords; perform relational analysis on acquired data;
sort, filter and annotate case notes on the fly; compare against known hashes;
normalize timestamps; construct event timelines; and compare and contrast
collected data.
Report creation functionality
MIR 1.0 allows multiple investigators in various locations to collectively
create and edit reports and link those reports directly to underlying data,
analyses and annotations.
Open standards & technologies
MIR 1.0 embraces open standards to enable rapid integration into existing
information security infrastructure and strengthen the viability of MIR-
collected evidence in legal proceedings. MIR 1.0 employs the Advanced
Forensics Format (AFF) to store disk images and associated metadata.
Enterprise integration
MIR 1.0 was designed to benefit large-scale enterprises and integrates
with many existing enterprise management technologies. The agent's flexible
installation options enable rapid deployment to one or 10,000 assets via
existing software deployment infrastructure.
"Even with all the malware prevention and detection tools at work today,
bad things still happen to good IT infrastructure. And when they do, systems
and data managers have to scramble to find and resolve the security breach,"
said Chris Shipley, executive producer of DEMO 08. "With the mantra 'find
evil, solve crime,' MANDIANT brings calm and clarity to the process of
detecting and resolving security issues. MANDIANT Intelligent Response is the
missing piece in an ecosystem of incident response and should become a part of
every network management suite."
For more information about MANDIANT Intelligent Response, visit
www.mandiant.com or visit MANDIANT at DEMO Pavilion #75.
About DEMO
Produced by Network World Events and Executive Forums, the semi-annual
DEMO conferences focus on emerging technologies and new products, which are
hand-selected from across the spectrum of the technology marketplace. The DEMO
conferences have earned their reputation for consistently identifying
tomorrow's cutting-edge technologies, and have served as launch pad events for
companies such as Palm, E*Trade, Handspring, and U.S. Robotics, helping them
to secure venture funding, establish critical business relationships, and
influence early adopters. Each DEMO conference features approximately 70 new
companies, products and technologies. For more information, visit
www.demo.com.
About MANDIANT
MANDIANT is an information security company providing professional
services, education and software to Fortune 500 companies, financial
institutions, government agencies, domestic and foreign police departments and
several of the U.S.'s leading law firms. MANDIANT security consultants are
acknowledged experts in incident response, computer forensics, network
security and application security. In addition to authoring nine books and
numerous articles about computer forensics, incident response and rootkits,
MANDIANT's consultants have been featured on news programs including CBS's 60
Minutes, CNN's Talkback Live, NBC News and FOX News. MANDIANT operates
offices in the Washington, DC area and New York City. For more information
about MANDIANT visit www.mandiant.com.
SOURCE MANDIANT
Anne M. Mroczynski of MANDIANT, +1-703-683-3141, anne.mroczynski@mandiant.com;
or Michelle Schafer of Merritt Group Inc., +1-703-403-6377,
Schafer@merrittgrp.com, for MANDIANT
